Proceedings ArticleDOI
Cryptanalysis of oPass
K. Marimuthu,D. Ganesh Gopal,Shivam Aditya,Varun Mittal +3 more
- pp 329-334
Reads0
Chats0
TLDR
It is proved that oPass proposed by H.M.Sun et al. is not suitable for practical application.Abstract:
The security of oPass: A User Authentication Protocol Resistant to Password Stealing and Password Reuse Attacks proposed by HMSun et al in IEEE Transactions on Information Forensics and Security, Vol7, No2, April 2012 is analyzed Upon completion of the analysis of the paper, four kinds of attacks SMS service, attacks on oPass communication links, unauthorised intruder access using the master password and Network attacks on untrusted web browser are identified in different scenarios Thus, we proved that oPass proposed by HMSun et al is not suitable for practical applicationread more
References
More filters
Journal ArticleDOI
oPass: A User Authentication Protocol Resistant to Password Stealing and Password Reuse Attacks
TL;DR: A user authentication protocol named oPass is designed which leverages a user's cellphone and short message service to thwart password stealing and password reuse attacks and is believed to be efficient and affordable compared with the conventional web authentication mechanisms.
Related Papers (5)
Attack and Improvement on the One-Time Password Authentication Protocol Against Theft Attacks
Wen-Chung Kuo,Yung-Cheng Lee +1 more